Typically, a VPN would be implemented to allow remote workers to securely connect to their company network. When using a VPN, the user would be able to gain access to the IT network and have access to Email, shared folders and other common applications which are deployed in the Data Center at the premises of the company.
In recent years, more and more applications are now being hosted in the public cloud and offered as a managed service by the application vendor. For example, companies are no longer using a Microsoft Exchange Server for their email service, instead they are using Microsoft Office 365, which is fully public cloud based offering.
There are of course many such examples. In fact today, most of the leading business applications being used to day including CRM, shared storage, productivity tools etc are public cloud applications with no IT infrastructure required in the company Data Center.
By being in the public cloud, these applications do not require the remote use to connect via a VPN, instead a multi-factor authentication mechanism is typically used to sign-on.
The result of this is that a remote user will rarely need to use a VPN and this creates a headache for the IT Admin and CISO because it means the remote user is not connecting to the domain and getting any updates such as updated policies, configurations and software distributions including OS patches.
It is very important, if not even more critical that the IT Admin has the visibility of remote users and their endpoints. Configuration mismatches, existence of local admin policies or a non-active anti-malware agent are examples of issues which an Endpoint Configuration Security (ECS) platform can identify. Hackers are taking advantage of the current working from home situation with an increase in attempts reported of successful attacks through endpoint vulnerabilities.
At gytpol, we have recently completed a new feature to our ECS product, gytpol Validator to support reporting of remote user and platforms which do not connect to the IT network and domain. We accelerated this feature to help support our customers in this critical time where their work force are working from home and helping maintain the highest level of security.